U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

CBS Showtime website was spotted mining cryptocurrency in viewers’ web browsers

The websites of the CBS’s Showtime was found containing a JavaScript code that allowed someone to secretly mine cryptocurrency in viewers’ web browsers. Over the weekend,  the websites of the CBS’s Showtime were found containing a JavaScript code that allowed someone to secretly mine cryptocurrency in viewers’ web browsers. The websites Showtime.com and iShowtimeAnytime.com silently […]

CBS showtime miner code

The websites of the CBS’s Showtime was found containing a JavaScript code that allowed someone to secretly mine cryptocurrency in viewers’ web browsers.

Over the weekend,  the websites of the CBS’s Showtime were found containing a JavaScript code that allowed someone to secretly mine cryptocurrency in viewers’ web browsers.

The websites Showtime.com and iShowtimeAnytime.com silently injected in the visitors’ browser the code to abuse processor capabilities to mine Monero coins. The hidden code typically consumed as much as 60 percent of the overall CPU capacity on computers while visiting the sites.

The scripts were written by Code Hive, an outfit that develops legitim JavaScript codes that could be added by webmasters to their sites in order to generate revenue as an alternative to serving advertising.

The money mined by the scripts are managed by Code Hive and paid to the website owners.

The CBS case appears very strange, it is unlikely that the entertainment corporation has placed the mining code onto its websites because it already charges subscribers to watch the TV shows online.

It is possible that hackers compromised the website to deploy the mining JavaScript code and remove it before it was discovered, the script, in fact, worked during the weekend and disappeared on Monday.

I sincerely found also this hypothesis very strange, in my humble opinion an attacker that succeed in compromising a site like the CBS one could be more interested in delivering malware to its visitors and cash out its effort in another way.

The code was found between HTML comment tags used by the analytics firm New Relic, but it is unlikely the company would deliberately insert it.

Below the scripts on showtime.com and Showtime Anytime observed by El Reg.

and

CBS showtime miner code 3

New Relic told El Reg that the code was not deployed by its experts.

“We take the security of our browser agent extremely seriously and have multiple controls in place to detect malicious or unauthorized modification of its script at various points along its development and deployment pipeline,” states the company.

“Upon reviewing our products and code, the HTML comments shown in the screenshot that are referencing newrelic were not injected by New Relic’s agents. It appears they were added to the website by its developers.”

Of course, Code Hive knows who is behind the account linked to the mining code, but it doesn’t want to reveal it according to its privacy policy.

“We can’t give out any specific information about the account owner as per our privacy terms,” the outfit informed us. “We don’t know much about these keys or the user they belong to anyway.”

Recently a similar case occurred at the Pirate Bay website.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – CBS, Monero mining)

[adrotate banner=”12″]